Backdoor: a program that allows remote control of an infected computer through the Internet. These programs are not able to duplicate themselves and spread, but they can open ports on the computer where they are executed. Open ports can be used by hackers to access data or programs. Different backdoors have different functions, such as: send and receive files, delete archives, execute payload, or virus management within the infected system.

Bad Reputation: refers to a program that showed suspicious behavior. The program was looked up in the Emsisoft Anti-Malware Network and the result indicated that the file is most likely malicious.

BehavesLike: indicates a program that behaves like the family of the malware named. Exhibition of a typical malware behavior allows us to catalogue some malware automatically.

Dialer: a malicious program that modifies a computer’s Internet connection by changing the telephone number used to connect. Most dangerous for those who use an analog modem and/or ISDN to connect to the Internet. Can also cause a disruption of service for those who use an ADSL connection.

Dropper: a vector file that installs a virus on a computer. Malware authors often use droppers to protect their viruses from malware detection. “Injector” refers to a dropper that installs a single virus in computer memory.

Email-Flooder: a program that continuously sends emails. Created to cram the user’s inbox. Can send hundreds/thousands of emails to overfill the incoming email folder of a specific, targeted account.

Email-Worm: a worm that spreads itself using email. Infects the computer when a malicious email attachment is opened, and then tries to send copies of itself to addresses on the infected user’s contacts list.

Exploit: malicious code that takes advantage of a real application’s bug or vulnerability. Can be used to execute malicious code. Can grant attacker administrator privileges, which can be used to perform illegal actions.

Fraudtool: the infamous “rogue-antivirus,” or malware that pretends to be a security solution. After installation, Fraudtools pretend to “detect” a lot of viruses and also “clean” the user’s system, all the while insisting that the user buy a paid version of the product to completely disinfect and/or optimize their computer. In addition to direct fraud, these programs also have adware functionality.

Generic, Gen: refers to a generic malware detection. Can be detected by signature definitions or heuristics. Can be malicious, but can sometimes be a benevolent “False Positive.” We advise you to scan a generic detection at Virustotal.com or to send it to us for further analysis.

HackTool: a tool used by hackers to gain access to a computer without authorization.

Heuristic: a detection made by our heuristic engine. This means that the detection is based on the analysis of the file’s code. Heuristic detections are not in the Emsisoft database, but have malicious characteristics and are therefore considered dangerous to the computer.

Hijacker: a malicious program that is usually called by Active-X controllers. Infects the computer, infects the web browser, and changes security parameters and default settings all at once.

Java: a malware object executed exclusively by the Java platform.

Joke: a program designed to annoy the user. Not dangerous to the system, but can create confusion and has fun joking around with the user in many ways.

Keylogger: a malicious program created to record everything that is typed on a keyboard and/or everything that occurs in a desktop session. Can also record webcam images and videos. Typed words pass from the keyboard to the computer; during this passage a keylogger filters words, searching for sensitive information, and then it records and transmits that information to a crime network.

LSP: stands for Layered Service Provider. Libraries that are attached to Winsock TCP/IP functions. They are able to analyze the Internet traffic of an infected computer.

Malware: a generic term used to define a malicious computer program. Virus, Adware, Backdoor, BHO, Dialer, HTML, LSP, Spyware, Trojan, Worm – all of these are malware.

not-a-virus: a program that is not a virus, but is still detected due to the way it behaves. Does not fall under any of our malware definitions, and is in most cases harmless.

possible-Threat: a classification that indicates that the file could be a threat. Indicates that the file has not yet been classified, and that it is potentially dangerous to the computer. We suggest you submit possible-Threats to us for further analysis.

PUP: a potentially unwanted program. Not malware and not dangerous to the computer, but often quite annoying. Displays ads, warnings and other fake messages. Has little to no use and wastes space on the computer.

Ransomware: a type of malware that takes your computer “for ransom.” Installed illegally, without authorization. Can be used by criminals to remotely block user-access to the computer. Once access is blocked, pop-up windows demand payment to unlock the computer.

Riskware: a legitimate program that can cause problems if it is used by hackers to delete, block, modify or copy data. Creates performance problems on infected machines.

Rogue: a fake security program, also known as “scareware.” Pretends to be a useful security program, but in reality offers limited protection or no protection at all. Generates fake warnings and attempts to lure users into fraudulent transactions.

Rootkit: a malicious program used to take complete control of an infected system, without user or administrator authorization. Rootkits are mainly used to hide Backdoors or other malicious code.

Script: a file executed by other platforms. Scripts use another program to execute themselves and can perform various malicious actions.

Setting: not a type of malware, but instead an incorrect system setting. Emsisoft detected this corrupted setting because it is not in the default position. Most likely, malware has tampered with and changed the setting. Emsisoft will restore the setting to its correct position.

Spyware: a malicious program that can secretly track computer activity. Sends recorded information to its criminal author.

SymbOS: this detection indicates a malicious application for Symbian devices. These applications can damage your device and execute malicious code.

Trace: an object (file, folder, or registry key) that remains after a malware infection. Traces can be used by some malware to help their actions but are useless and not dangerous in the absence of their associated malware.

Trace.Directory: a folder that’s left over from a previous malware infection. Not necessarily dangerous in itself, and often useless in the absence of its associated files. Used by PUPs in the majority of cases, to perform some action.

Trace.File: a file that’s left over from a previous malware infection. Not necessarily dangerous in itself, and often useless in the absence of its associated files. Used by PUPs in the majority of cases, to perform some action.

Trace.Registry: a registry key that’s left over from a previous malware infection. Not dangerous in itself, and useless in the absence of its associated malware. Used by PUPs in the majority of cases, to perform some action.

Trojan: a program that intentionally hides its true, malicious actions from the user and also attempts to fool the user into thinking that it is performing legitimate functions. Trojans usually do not work alone; typically they are hidden by Backdoors and used to drop other malware. In general, the task of any Trojan is to execute its payload.

Virtool: a program used by hackers to create viruses and malicious code. Not dangerous in itself, but does produce many different types of malware.

Virus: a malicious program, or part of a program, that infects other programs, archives, system areas (MBR, Boot Sector) or executable objects, with a copy of itself.

Worm: an independent program that tries to infect computers by spreading through a network or by sending e-mails that contain attached copies of itself or other malicious code.

Do you require assistance? If so I can put you into contact with someone from our support team who speaks Portuguese.

http://ralphsrooms.com Ralph Foster

Thank you Steve!

yrfds7

Scanning works as well as ever, but updating just won’t go through. Could it be because I’m using Server 2012?

Steve

Hi, Ralph. That was a small bug the team fixed a few hours ago. Sorry about that. Simply run an online update to receive the fix.

Noura

Ok, I’ve this issue that has been bugging me for days now, my default browser keeps opening new tabs with ads, so I ran this program and a lot of the resulted files were “no risk” state, but 2 files were high risk in folder syswow64 and I cleaned those 2 files, so why I still have the same issue, and if those files weren’t the problem why Emsisoft didn’t show where was the problem, Thanks

Hi there,
We currently sell all Emsisoft products globally through our online shop. We don’t yet have a physical distributor in Vietnam, but we hope to work with one in the near future.

Andrew Bell

Don’t need to bookmark any of this data, have a full rundown of all viruses and malware intrusion mods. Just to add: if you get a message that a driver isn’t correctly installed, that shows up on my system as a virus intrusion.

you’re not the boss of me

You would think that for a pay malware utility, and the longest download of definition files in history, it would know not to flag a Kaspersky AV file as a trojan and quarantine it. Oh well, not buying this one. NEXT.

Sean Powers

Hi. I cannot quarantine the following files after a scan. Can you please advise? Thank you!

Hi, thanks for your reply! Not sure if you already checked out the Emsisoft Emergency Kit, but that’s basically a free malware scanner to run alongside an antivirus such as Emsisoft IS9. It’s similar to Malwarebytes, and recommend scanning once a month with it as well.

Donna Marie Anderson

Can emergency kit scanner restore the settings that have been messed with? If so, how do I do that?

Donna Marie Anderson

I have 4 settings things that have been messed with, will emergency kit fix it? If so, how do I do that?